Fix a local-only CPU DoS bug.

Nick Mathewson requested to merge nickm/arti:socks-read-fix into main

Previously, there was a bug in the way that our code used our SOCKS implementations. If the buffer used for a SOCKS handshake became full without completing the handshake, then rather than expanding the buffer or closing the connection, our code would keep trying to read into the zero-byte slice available in the full buffer forever, in a tight loop.

We're classifying this as a LOW-severity issue, since it is only exploitable by pluggable transports (which are trusted) and by local applications with access to the SOCKS port.

Closes #861 (closed).

Reported-By: Jakob Lell
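
The failure mode described above and the guard that prevents it, as an added example (not code from Arti or from this merge request): a SOCKS5 greeting reader over a fixed-size buffer. `MAX_HANDSHAKE`, `Outcome`, `greeting_len` and `read_handshake` are hypothetical names, and the 16-byte limit is constructed for illustration.

```rust
use std::io::{self, Read};

/// Constructed limit for this example; not Arti's real buffer size.
const MAX_HANDSHAKE: usize = 16;

#[derive(Debug, PartialEq)]
enum Outcome {
    Complete(usize), // greeting parsed; value is its length in bytes
    TooLong,         // buffer filled without a complete greeting
    Eof,             // peer closed before finishing
}

/// SOCKS5 greeting (RFC 1928): VER, NMETHODS, then NMETHODS method bytes.
/// Returns the greeting length once all of it is buffered.
fn greeting_len(buf: &[u8]) -> Option<usize> {
    let n = *buf.get(1)? as usize;
    (buf.len() >= 2 + n).then_some(2 + n)
}

fn read_handshake<R: Read>(mut stream: R) -> io::Result<Outcome> {
    let mut buf = [0u8; MAX_HANDSHAKE];
    let mut filled = 0;
    loop {
        if let Some(len) = greeting_len(&buf[..filled]) {
            return Ok(Outcome::Complete(len));
        }
        // The guard the buggy pattern lacks: once the buffer is full,
        // `&mut buf[filled..]` is empty, read() returns Ok(0) immediately,
        // and a loop that answers that with "read again" spins forever.
        if filled == buf.len() {
            return Ok(Outcome::TooLong);
        }
        match stream.read(&mut buf[filled..])? {
            0 => return Ok(Outcome::Eof), // slice was non-empty, so this is EOF
            n => filled += n,
        }
    }
}

fn main() {
    // Constructed input: claims 255 methods, so it cannot fit in 16 bytes.
    let mut oversized = [0u8; 42];
    oversized[0] = 5;
    oversized[1] = 255;
    println!("{:?}", read_handshake(&oversized[..]));
}
```

A caller that gets `TooLong` closes the connection; the alternative the description mentions, expanding the buffer, would replace that branch with a bounded resize.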